Draconian Chinese crackdown puts domain industry at risk

The vast majority of top-level domain registries could soon be banned from selling domains into China due to a reported crackdown under a decade-old law.
That’s according to Allegravita, a company that helps registries with their go-to-market strategies in the country.
Allegravita released a report last week claiming that Chinese registrars will be forbidden to sell domains in TLDs that are not on a government-approved list.
The crackdown could come as early as July, the report says:

Foreign registries which have not applied for Chinese market approval are advised to do so in the near term, as unapproved Top-Level Domains are likely to be taken off the market from July this year.

As of April 30, there were only only 14 TLDs on the approved list. All of them are run by Chinese registries and only five do not use Chinese script.
Not on the list: every legacy gTLD, including .com, as well as every ccTLD apart from .cn.
The Draconian move is actually the implementation of regulations introduced by China’s Ministry of Industry and Information Technology over a decade ago but not really enforced since.
As I reported in December, Donuts was facing problems launching its Chinese-script gTLDs due to this red tape.
MIIT announced in 2012 that new gTLD applicants would need licenses to sell into China.
According to Allegrevita, which until recently was working heavily with TLD Registry (“.chinesewebsite”) on its entry into the country, it’s “no longer ambiguous” that MIIT has asserted full oversight of the domain industry in China.
MIIT’s crackdown appears to be focused on the 93 Chinese registrars it has approved to do business.
Allegravita says these companies will not be allowed to sell unapproved TLD domains to Chinese registrants, but that existing registrations will be grandfathered:

by sometime in July 2015, the MIIT will not permit unapproved registries to operate or offer their domains for sale in China. The MIIT will not interfere with existing domain registrations for unapproved registries; however, new registrations will not be permitted to be sold by Chinese registrars to Chinese registrants.

Presumably, non-Chinese registrars will reap the benefits of this as Chinese would-be registrants look elsewhere to buy their domains.
China is an important market for many registries, particularly the low-cost ones.
Judging by MIIT’s web site, getting approval to sell your TLD in China involves a fairly stringent set of requirements, including having a local presence.
MIIT said in a press release last month that the “special action” is designed “to promote the healthy development of the Internet, to protect China’s Internet domain name system safe and reliable operation

Chehade quits as ICANN CEO

ICANN president and CEO Fadi Chehade will step down from the post March 2016, he said in the last hour.
The shock news means he will have served just three and a half years in the top job by the time he leaves. He started September 14, 2012.
It sounds like he might already has a new job lined up. (UPDATE: He’s told AFP that he does, and the identity of his employer will be disclosed later this year.)
He’s told ICANN he intends “to move into a new career in the private sector (outside the Domain Name Industry)”, according to a press release.
Chehade will probably leave just about the same time as the transition of the IANA functions from US government oversight is finalized, assuming ICANN misses the target date of September 2015 and gets a six-month extension.
Here’s the full text of the press release:

The Internet Corporation for Assigned Names and Numbers (ICANN) today announced that President and CEO Fadi Chehadé has informed the Board he will be concluding his tenure in March 2016 to move into a new career in the private sector (outside the Domain Name Industry).
At the request of the Board, Chehadé will be available to work closely with ICANN after March 2016 to support the transition to a new leader, as well as to advise the Board on any issue they require including the implementation of the IANA Stewardship Transition from the US Government to ICANN and the technical operating community.
“I want to thank Fadi for his strong commitment,” said Dr. Stephen Crocker, Chair of the Board of Directors. I am very confident that with Fadi’s continued leadership and ICANN’s very experienced management team who have the breadth to ensure that ICANN continues to manage its key responsibilities effectively, that the organization’s work will proceed smoothly.”
“I am deeply committed to working with the Board, our staff, and our community to continue ICANN’s mission as we still have much to accomplish,” said Chehadé. “During the remaining 10 months of my tenure, it’s business-as-usual. My priority remains to continue strengthening ICANN’s operations and services to the global community.”

Personally, I think this is going to be horrible for continuity at ICANN. Chehade is a vision guy who had set out long-term goals for the organization that I don’t think he’ll be able to wrap up in his remaining 10 months.
What do you think?

.sucks and ICANN not invited to Congressional hearing on .sucks and ICANN

The witness list in next week’s US Congressional hearing into .sucks and ICANN accountability does not feature .sucks or ICANN.
The eight witnesses are largely drawn from outspoken critics of both ICANN and Vox Populi, either companies or trade associations and lobby groups. It’s stacked heavily in favor of intellectual property interests.
The hearing is titled “Stakeholder Perspectives on ICANN: The .sucks Domain and Essential Steps to Guarantee Trust and Accountability in the Internet’s Operation”.
With hindsight, the “Stakeholder Perspectives” bit gives away the fact that the judiciary subcommittee holding the hearing is more concerned with listening to ICANN’s critics than ICANN itself.
Mei-lan Stark, a senior intellectual property lawyer from Fox and 2014 president of the International Trademark Association, tops the list.
A critic of the new gTLD program, in 2011 Stark told Congress that the first round of new gTLDs would cost Fox “conservatively” $12 million in defensive registration fees.
It will be interesting to see if any Congresspeople confront Stark about that claim, which appeared like a gross overstatement even at the time.
One company that has been enthusiastically embracing new gTLDs — as an applicant, registry, defensive and non-defensive registrant — is Amazon, which has VP of global public policy Paul Misener on the panel.
Amazon has beef with ICANN for siding with the Governmental Advisory Committee over the battle for .amazon, which Amazon has been banned from obtaining, so it’s difficult to see the company as an overly friendly witness.
Next up is John Horton, president of LegitScript, the company that certifies legitimate online pharmacies and backs the .pharmacy new gTLD.
LegitScript is in favor of greater regulation of the domain name industry in order to make it easier to shut down potentially dangerous web sites (though opponents say it’s more often more interested in protecting Big Pharma’s profit margins). This month it called for a ban on Whois privacy for e-commerce sites.
Steve Metalitz, counsel for the Coalition for Online Accountability (a lobbyist for the movie and music industries) and six-term president of the ICANN Intellectual Property Constituency, is also on the list.
Jonathan Zuck, president of ACT The App Association (aka the Association for Competitive Technology, backed by Verisign and other tech firms) is on the list.
NetChoice director Steve DelBianco is also showing up again. He’s an ICANN hearing mainstay and I gather with this appearance he’ll be getting the final stamp on his Rayburn Building Starbucks loyalty card. That means a free latte, which is always nice.
Internet Commerce Association counsel Phil Corwin is a surprise invitee. ICA represents big domainers and is not a natural ally of the IP side of the house.
Bill Woodcock, executive director of Packet Clearing House, rounds off the list. PCH might not have instant name recognition but it provides Anycast DNS infrastructure services for scores of ccTLDs and gTLDs.
The committee hearing will take place at 10am local time next Wednesday.
A second hearing, entitled “Stakeholder Perspectives on the IANA Transition” will be held four hours later by a subcommittee of the House Energy & Commerce committee. The witnesses for that one have not yet been announced.
It’s going to be a busy day for ICANN bods on Capitol Hill.

Congress to put .sucks on trial

The US Congress is to hold a hearing to look into the .sucks gTLD and ICANN accountability.
A hearing entitled “Stakeholder Perspectives on ICANN: The .sucks Domain and Essential Steps to Guarantee Trust and Accountability in the Internet’s Operation” has been scheduled by the House Subcommittee on Courts, Intellectual Property, and the Internet
It will take place in Washington DC next Wednesday, May 13.
The list of witnesses does not yet appear to have been published.
I would guess we’d be looking at, at the very least, somebody senior from ICANN, somebody senior from .sucks registry Vox Populi, and an intellectual property lawyer.
It was ICANN’s Intellectual Property Constituency that complained about .sucks’ sunrise policies and fees, causing ICANN to refer the matter to US and Canadian trade regulators.
The title of the House hearing suggests that the .sucks controversy will be inextricably tied to the broader issue of ICANN accountability, which is currently undergoing a significant review as ICANN seeks to split permanently from US government oversight.
That’s not great optics for ICANN; I’m sure the organization would rather not have its performance judged on what is quite an unusual edge case emerging from the new gTLD program.

Dot-brand gTLD guilty of domain name hijacking

Fashion retailer Mango, which owns its own dot-brand gTLD, has been found guilty of Reverse Domain Name Hijacking after allegedly doctoring evidence in a .uk cybersquatting case.
The company, which runs .mango, lost a Nominet Dispute Resolution Service complaint against New Zealand-based domain investor Garth Piesse over mango.co.uk and mango.uk.
It’s only the sixth RDNH finding in 13 years of DRS history.
Mango tried to buy the domain using a pseudonym and, when Piesse asked for “six figures”, filed the DRS instead.
Piesse claimed in what appears to have been a well-argued defense that the person attempting to buy the domain on Mango’s behalf did not identify Mango as the would-be buyer.
Further, he claimed that Mango deliberately tried to hide this fact from the DRS panel by scrubbing its negotiator’s email address from evidence it submitted.
While DRS panelist Tim Brown did not agree that this omission alone was enough to find RNDH, he agreed that Mango did not have “entirely clean hands”. He ruled:

The sequence of events in the present case appears to show that the Complainant attempted to buy from the Respondent. When these negotiations failed the Complainant started proceedings under the DRS. As I have noted, the Complainant has relied on bare assertion and has provided a paucity of evidence to support its arguments.
Even a cursory reading of the Policy, Procedure and extensive guidance on Nominet’s website would quickly show that a matter concerning a clearly generic, dictionary term would require a higher standard of argument and evidence than is perhaps common. That the Complainant has failed to come anywhere close to providing sufficient argument or evidence is, in my view, strongly indicative that the Complainant pursued this dispute in frustration at the Respondent’s unwillingness to sell for a price it was willing to pay, rather than because of the merits of its position in terms of the Policy’s requirements.
I conclude that the Complainant brought a speculative complaint in bad faith in an attempt to deprive the Respondent of the Domain Names. I therefore determine that the Complainant has engaged in Reverse Domain Name Hijacking.

Spain-based Mango has owned its trademarks for well over a decade, and Piesse only got his hands on the domains in question in 2013 and 2014.
Piesse, who owns about 18,000 domains, was able to show that Mango the brand is unheard of in New Zealand and that he has a track record of buying fruit-based .uk domain names.

Whois privacy reforms incoming

Whois privacy services will become regulated by ICANN under proposals published today, but there’s a big disagreement about whether all companies should be allowed to use them.
A working group has released the first draft of its recommendations covering privacy and proxy services, which mask the identity and contact details of domain registrants.
The report says that P/P services should be accredited by ICANN much like registrars are today.
Registrars should be obliged to disclose which such services they operate or are affilated with, presumably at the risk of their Registrar Accreditation Agreement if they do not comply, the report recommends.
A highlight of the paper is a set of proposed rules governing the release of private Whois data when it is requested by intellectual property interests.
Under the proposed rules, privacy services would not be allowed to reject such requests purely because the alleged infringement deals with the content of a web site rather than just the domain.
So the identity of a private registrant of a non-infringing domain would be vulnerable to disclosure if, for example, the domain hosted bootleg content.
Registrars would be able to charge IP owners a nominal “cost recovery” fee in order to process requests and would be able to ignore spammy automated requests that did not appear to have been manually vetted.
There’d be a new arbitration process that would kick in to resolve disputes between IP interests and P/P service providers.
The 98 pages of recommendations (pdf) were drafted by the Generic Names Supporting Organization’s Privacy & Proxy Services Accreditation Issues Working Group (PPSAI) and opened for public comment today.
There are a lot of gaps in the report. Work, it seems, still needs to be done.
For example, it acknowledges that the working group didn’t reach any conclusions about what should happen when law enforcement agencies ask for private data.
The group was dominated by registrars and IP interests. There was only one LEA representative and only one governmental representative, and they participated in a very small number of teleconferences.
There was also a sharp division on the issue of who should be able to use privacy services, with two dissenting opinions attached to the report.
One faction, led by MarkMonitor and including Facebook, Domain Tools and fake pharmacy watchdog LegitScript, said that any company that engages in e-commerce transactions should be ineligible for privacy, saying: “Transparent information helps prevent malicious activity”.
Another group, comprising a handful of non-commercial stakeholders, said that no kind of activity should prevent you from registering a domain privately, pointing to the example of persecuted political groups using web sites to raise funds.
There was a general consensus, however, than merely being a commercial entity should not alone exclude you from using a P/P service.
Currently, registrar signatories to the 2013 RAA are bound by a temporary P/P policy that is set to expire January 2017 or whenever the P/P accreditation process starts.
There are a lot of recommendations in the report, and I’ve only touched on a handful here. The public comment period closes July 7.

Cybersquatter jailed for seven years after prison break

Fraudster Neil Moore, who escaped from prison by cybersquatting, has reportedly been handed a seven-year sentence by a British court.
As we reported last month, Moore escaped from Wandsworth prison merely by sending an email ordering his release from an hmcts-gsi-gov.org.uk email address.
He’d registered the name, a typo of the genuine hmcts.gsi.gov.uk used by the UK court service, on a smuggled smartphone.
He was being held on remand for an unrelated fraud at the time.
Today’s sentencing follows Moore pleading guilty to eight counts of fraud (it doesn’t seem those were related to cybersquatting) and one count of wrongful escape from custody.

Australia considers dumping the .com.

Australian domain overseer auDA is thinking about allowing people to register .au domains directly at the second level for the first time.
The organization has opened up a consultation that would allow registrations such as example.au, rather than just the current system of example.com.au, example.org.au and so on.
The move follows the successful recent releases of 2LDs in the UK (.uk) and New Zealand (.nz) ccTLDs and can be seen as a bid to remain competitive in the face of the new gTLD program’s huge expansion of TLD choice.
A consultation paper (pdf) published today reads:

It is suggested that unprecedented competition from new gTLDs requires .au to be more responsive to global market forces. For .au to remain a strong and highly-regarded TLD we need not only to rely on its distinctive Australian identity and good reputation, but continue to innovate in order to counter the likely impact of hundreds of new gTLDs flooding the market. Whilst .au is currently very popular with Australian users, there is potential for new gTLDs to erode the brand equity in .au.

Currently, .au has over a dozen different second-level options, but about 85% of registrations are in .com.au. The TLD has just shy of three million names today.
Complicating matters slightly, the different 2LDs have different registration policies, so auDA would need to figure out a way to harmonize them for direct registrations.
auDA speculates that direct registrations may increase the adoption of .au domain names by individuals not currently able to obtain .com.au names but unaware of the individual-focused .id.au (it exists, apparently), thereby growing the .au name space.
It also worries that many second-level direct registrations may turn out to be defensives, registered by the registrants of the matching .com.au names.
The consultation is open for comments until June 1.

Does Chehade agree with Donuts on .doctor?

Should governments have the right to force business-limiting restrictions on new gTLD operators, even though they don’t have the same rules in their own ccTLDs?
ICANN CEO Fadi Chehade evidently believes the answer to that question is “No”, but it’s what ICANN is controversially imposing on Donuts and two other .doctor applicants anyway.
Donuts recently filed a Request for Reconsideration appeal with ICANN over its decision to make the .doctor gTLD restricted to medical professionals only.
It was an unprecedented “Public Interest Commitment” demanded by ICANN staff in order to keep the Governmental Advisory Committee happy.
The GAC has been asking for almost two years for so-called “Category 1” gTLD strings — which could be seen to represent highly regulated sectors such as law or medicine — to see a commensurate amount of regulation from ICANN.
Governments wanted, for example, registrants to show professional credentials before being able to register a name.
In the vast majority of instances, ICANN creatively reinterpreted this advice to require registrants to merely assert that they possess such credentials.
These rules were put in registries’ contracts via PICs.
But for some reason in February the organization told Donuts that .doctor domains must be “ascribed exclusively to legitimate medical practitioners.”
According to Donuts, this came out of the blue, is completely unnecessary, an example of ICANN staff making up policy on the spot.
Donuts wants to be able to to sell .doctor names to doctors of any discipline, not just medical doctors. It also wants people to be able to use the names creatively, such as “computer.doctor” or “skateboard.doctor”.
What makes ICANN’s decision especially confusing is that CEO Fadi Chehade had the previous day passionately leaped to the defense of new gTLD registries in their fight against unnecessary GAC-imposed red tape.
The following video, in which Chehade uses .dentist as an example of a string that should not be subject to even more oversight, was taken February 11 at a Q&A with the Domain Name Assocation.
The New gTLD Program Committee meeting that authorized ICANN staff to add the new PIC took place February 12, the very next day. Chehade did not attend.

It’s quite remarkable how in line with registries Chehade seems to be.
It cuts to the heart of what many believe is wrong with the GAC — that governments demand of ICANN policies that they haven’t even bothered to implement in their own countries, just because it’s much easier to lean on ICANN than to pass regulations at home.
Here’s the entire text of his answer. He’s describing conversations he’d had with GAC members earlier in the week.

They’re saying stop all the Category 1 TLDs. Stop them. Freeze them!
And we said: Why do we need to freeze them? What’s the issue?
They said: It’s going to harm consumers.
How will it harm consumers? We started having a debate.
It turns out that they’re worried that if somebody got fadi.casino or fadi.dentist, to pick one of Statton’s [Statton Hammock, VP at Rightside, who was present], that this person is not a dentist and will pluck your ear instead of your teeth. How do you make sure they’re a dentist?
So I asked the European Commission: How do you make sure dentist.eu is a dentist?
They said: We don’t. They just get it.
I said: Okay, so why do these guys [new gTLD registries] have to do anything different?
And they said: The new gTLD program should be better or a model…
I said: Come on guys, do not apply rules that you’re not using today to these new folks simply because it’s easy, because you can come and raise flags here at ICANN. Let’s be fair. How do you do it at EU?
“Well, if somebody reports that fadi.dentist.eu is not a dentist, we remove them.”
Statton said: We do the same thing. It’s in our PICs. If fadi.dentist is not, and somebody reports them…
They said: But we can’t call compliance.
You can call compliance. Anyone can call compliance. Call us and we’ll follow up. With Statton, with the registrar.

What we have here is Chehade making a passionate case for the domain name industry’s right to sell medical-themed domain names without undue regulation — using many of the same arguments that Donuts is using in its Reconsideration appeal — then failing to show up for a board meeting the next day when that specific issue was addressed.
It’s impossible to know whether the NGPC would have reached a different decision had Chehade been at the February 12 meeting, because no formal vote was taken.
Rather, the committee merely passed along its “sense” that ICANN staff should carrying on what it was doing with regards implementing GAC advice on Category 1 strings.
While Chehade is but one voice on the NGPC, as CEO he is in charge of the ICANN staff, so one would imagine the decision to add the unprecedented new PIC to the .doctor contract falls into his area of responsibility.
That makes it all the more baffling that Donuts, and the other .doctor new gTLD applicants, are faced with this unique demand to restrict their registrant base to one subset of potential customers.

Could you survive a .sucks UDRP?

If you register a .sucks domain matching a brand, could you survive a subsequent UDRP complaint? Opinion is mixed.
In my view, how UDRP treats .sucks registrants will be a crucial test of Vox Populi Registry’s business model.
Vox Populi Registry clearly envisages — and is actively encouraging with its policies — genuine critics, commentators and consumer advocates to register .sucks domains that match famous trademarks.
I really like this idea. Power to the people and all that.
But will UDRP panelists agree with me and Vox Pop? Cybersquatting case law under UDRP says, very firmly: “It depends.”
Statistics generally favor mark owners
To date, there have been exactly 100 resolved UDRP complaints against domains that end in “sucks.com”.
Of those, 47 cases ended up with a full transfer of the domain to the trademark owner. Only 30 resulted in a the complaint being denied.
Another 19 cases were withdrawn or terminated; the remainder were split decisions.
So it seems, based on historical “sucks” cases, that the odds favor trademark owners.
But each case is, theoretically at least, judged on its merits. So it does not necessarily hold that most .sucks UDRP complaints will be successful.
What does WIPO say?
The World Intellectual Property Association, which administers most UDRP cases, published a set of guidelines for its panelists.
Some guidelines specifically addresses “sucks” sites, but the advice is not always clear-cut.
There are three elements to UDRP. First, the complainant must show that the domain name in question is identical or confusingly similar to its trademark.
According to WIPO, it’s the “consensus view” of UDRP panelists that adding “sucks” to a trademark at the second level does NOT stop a domain being confusiningly similar. WIPO says:

Generally, a domain name consisting of a trademark and a negative or pejorative term (such as [trademark]sucks.com) would be considered confusingly similar to the complainant’s trademark for the purpose of satisfying the standing requirement under the first element of the UDRP (with the merits of such cases typically falling to be decided under subsequent elements). Panels have recognized that inclusion of a subsidiary word to the dominant feature of a mark at issue typically does not serve to obviate confusion for purposes of the UDRP’s first element threshold requirement, and/or that there may be a particular risk of confusion among Internet users whose first language is not the language of the domain name

Some panels have disagreed with this prevailing view, however.
It remains to be seen whether moving the string “sucks” to the right of the dot would affect the outcome, but it’s established UDRP case law that the dot in a domain can be pretty much ignored when testing for similarity.
The TLD a domain uses can be taken into account if it’s relevant or disregarded if it is not, according to precedent.
The second test under UDRP is whether the registrant of the domain has legitimate rights or interests.
Panelists disagree on this point. WIPO says:

The right to criticize does not necessarily extend to registering and using a domain name that is identical or confusingly similar to the complainant’s trademark. That is especially the case if the respondent is using the trademark alone as the domain name (i.e., [trademark.tld]) as that may be understood by Internet users as impersonating the trademark owner.

That view would seem to apply specifically to the use cases Vox Pop has in mind — the registry wants critics to own [trademark].sucks domains in order to criticize the trademark owner.
In the 2003 case of natwestbanksucks.com, the WIPO panel drew on earlier precedent to find that the registrant had no rights to the domain.

Respondents’ can very well achieve their objective of criticism by adopting a domain name that is not identical or substantially similar to Complainants’ marks. Given the free nature of the media which is the Internet and the chaotic spamming that has become epidemic, it does not appear that one can be at full liberty to use someone else’s trade name or trademark by simply claiming the right to exercise a right to freedom of expression”.

In other words: you may have a right to free speech on the internet, but you do not have the right to exercise it simply by adding “sucks” to a famous trademark.
But other UDRP panelists have disagreed. WIPO says that some panelists have found:

Irrespective of whether the domain name as such connotes criticism, the respondent has a legitimate interest in using the trademark as part of the domain name of a criticism site if such use is fair and noncommercial.

The third element of UDRP is bad faith. Complainants have to show that the registrant is up to something dodgy.
Some panelists have a pretty low threshold for what constitutes bad faith. Merely having the page parked — even if you did not park it yourself — can point to bad faith, especially in “sucks” cases.
WIPO says that “tarnishment” of a trademark — such as posting porn, which is banned under Vox Pop’s AUP anyway — can be bad faith, but legitimate criticism would not usually:

While it would not normally extend to the mere posting of information about a complainant, or to the posting of genuine, non-commercial criticism regarding the trademark holder, it may extend to commercially motivated criticism by (or likely on behalf of) a competitor of such trademark holder.

So, with all that in mind, here are some tips for improving your odds of surviving a .sucks UDRP.
How to beat a .sucks UDRP
Poring over dozens of “sucks.com” decisions, it quickly becomes clear that there are certain things you should definitely do and not do if you want to keep a hold of your brand-match .sucks domain.
Given the volume of precedent, you’ll have a hard time showing that your domain is not identical or confusingly similar to the trademark in question — strike one — but there are ways to show legitimate interests and rebut claims of bad faith.
1. Respond
To show you lack legitimate interests, the complainant only needs to make a face-value argument that you do not. Then the burden of proof to show rights switches to you.
If you don’t respond to the UDRP, the panel will find you lack rights. Panelists rarely try to fight the corner of a registrant who has not responded.
That’s strike two.
2. Don’t allow your domain to be parked
If a domain is parked, UDRP panelists in “sucks.com” cases invariably find that the registrant lacks legitimate interests and has shown bad faith.
Parking is considered a commercial activity, so you won’t be able to argue convincingly that you’re exercising your right to non-commercial free speech if your domain is splashed with links to the trademark owner’s competitors.
This holds true even if the domain was automatically parked by your registrar.
Dozens (hundreds?) of UDRP cases have been lost because Go Daddy parked the newly registered domain automatically, enabling the complainant to show commercial use.
Panelists are usually happy to overlook the lack of direct bad faith action by the registrant in such cases.
Parking will usually lead to strikes two and three.
In the case of .sucks, parking is actually banned by Vox Populi’s acceptable use policies (pdf).
But the registry will only enforce this policy if it receives a complaint. I don’t know if the Registry-Registrar Agreement, which isn’t public, prohibits registrars auto-parking new domains.
3. Develop a site as soon as possible
In some “sucks.com” cases, respondents have argued that they had intended to put up a criticism site, but could not provide evidence to back up the claims.
If you register a .sucks matching a trademark, you’ll want to put up some kind of site ASAP.
In the case of kohlersucks.com, the registrant had merely framed a Better Business Bureau web page, which was found to show non-commercial criticism use.
4. Don’t offer to sell the domain
It should go without saying that offering to sell the domain to the trademark owner shows bad faith; it looks like extortion.
Panelists regularly also find that registrants give up their legitimate rights to a domain as soon as they make it available to buy.
5. Don’t make any money whatsoever
The second you start making money from a domain that matches a trademark, you’re venturing into the territory of commercial use and are much more likely to fail the WIPO test of “genuine, non-commercial criticism”.
6. Be American
Depressingly, you stand a better chance of fighting off a UDRP on free speech grounds if both the case involves US-based parties and a US-based panelist.
Panelists are more likely to draw on the US Constitution’s First Amendment and associated non-UDRP case law when determining rights or legitimate interests, when the registrant is American.
Merely registering with a US-based registrar is not enough to confer First Amendment rights to a registrant living outside of the US, according to UDRP panels.
Even though freedom of speech is a right in most of the world, in the universe of UDRP it seems the rest of us are second-class citizens compared to the yanks.